jsc0218
afa7a95c8c
add backward compatibility
2024-02-20 02:11:31 +00:00
Maksim Kita
2a327107b6
Updated implementation
2024-01-25 14:31:49 +03:00
Bharat Nallan Chakravarthy
3e8439a78b
add to context access and suggest
2023-12-30 20:38:35 -08:00
Robert Schulze
71faa8b198
Improve checks
2023-10-19 22:16:17 +00:00
Robert Schulze
48cff2fcec
Add diagnostic checks for issue 55041
2023-10-19 18:04:49 +00:00
Alexey Milovidov
93a10980e9
Fix review comments
2023-08-06 16:27:45 +02:00
Alexey Milovidov
ce2fcc8f33
Fix wording
2023-08-06 14:48:20 +02:00
Alexey Gerasimchuck
e58b3cfd32
Implemented max sessions for user
2023-07-30 22:09:03 +00:00
Vitaly Baranov
fff1ae7369
Use default destructor for ContextAccess.
2023-07-17 17:14:00 +02:00
Vitaly Baranov
0e4b75a282
Avoid keeping lock Context::getLock() while calculating access rights when a user logs in.
2023-07-17 14:59:14 +02:00
Vitaly Baranov
018546a57d
Avoid keeping lock Context::getLock() while recalculating access rights of a connected user.
2023-07-17 14:59:14 +02:00
Vitaly Baranov
2311dd9b5d
Use TSA_GUARDED_BY() macro in the definition of ContextAccess.
2023-06-30 15:18:54 +02:00
Alexey Milovidov
b19b87a3e5
Whitespaces
2023-06-18 20:42:27 +02:00
kssenii
75624c52f7
Merge remote-tracking branch 'upstream/master' into named-collections-granular-access
2023-03-20 16:38:14 +01:00
Roman Vasin
b5bb2eb3dc
Add new grant CREATE ARBITRARY TEMPORARY TABLE
2023-03-06 07:20:05 +00:00
kssenii
0555ca2724
Review fixes
2023-02-24 14:44:47 +01:00
kssenii
0c53f33e6f
Make code more common: add GlobalWithParameter level
2023-02-15 16:59:43 +01:00
kssenii
9e04e57949
Allow to give access only to certain named collections
2023-02-09 17:22:57 +01:00
Alexander Tokmakov
3744fa2c63
format more messages
2023-01-25 21:16:42 +01:00
Alexander Tokmakov
3f6594f4c6
forbid old ctor of Exception
2023-01-23 22:18:05 +01:00
Alexander Tokmakov
70d1adfe4b
Better formatting for exception messages ( #45449 )
...
* save format string for NetException
* format exceptions
* format exceptions 2
* format exceptions 3
* format exceptions 4
* format exceptions 5
* format exceptions 6
* fix
* format exceptions 7
* format exceptions 8
* Update MergeTreeIndexGin.cpp
* Update AggregateFunctionMap.cpp
* Update AggregateFunctionMap.cpp
* fix
2023-01-24 00:13:58 +03:00
Vitaly Baranov
6bc8b544ce
Merge branch 'master' into correct-error-message-after-dropping-current-user
2022-11-10 13:36:52 +01:00
Vitaly Baranov
675507594a
Make error message after dropping current user more correct.
2022-11-09 21:01:05 +01:00
Vladimir Chebotaryov
d17b7387f9
Reworked changes to std::shared_ptr<const RowPolicyFilter>
.
2022-10-27 10:42:55 +03:00
Vladimir Chebotaryov
4cabe1f57c
Added applied row-level policies to system.query_log
.
2022-10-27 10:41:47 +03:00
Robert Schulze
c185353bf0
Minor: remove unnecessary ContextAccess::make() method
2022-08-30 08:06:42 +00:00
Konstantin Morozov
38a85ade27
refactoring: small up
2022-08-28 22:33:12 +03:00
Konstantin Morozov
b4de735a90
refactoring: fix space
2022-08-28 20:55:08 +03:00
Konstantin Morozov
75bd61fad5
Merge remote-tracking branch 'origin/ref/remove-unnecessary-allocation' into ref/remove-unnecessary-allocation
...
# Conflicts:
# src/Access/ContextAccess.cpp
# src/Access/ContextAccess.h
2022-08-28 20:50:29 +03:00
Konstantin Morozov
7cd2821aed
refactoring: template make helper
2022-08-28 20:42:55 +03:00
Konstantin Morozov
4050ab819e
refactoring: remove unnecessary allocation
2022-08-28 17:23:17 +03:00
Konstantin Morozov
d4d80dd3c1
refactoring: remove unnecessary allocation
2022-08-28 17:09:13 +03:00
Vitaly Baranov
6bf7bffbeb
Correct the list of always accessible system tables.
2022-07-15 15:44:29 +02:00
Vitaly Baranov
de34d173ba
Remove excessive log messages.
2022-07-15 15:44:29 +02:00
Vitaly Baranov
c85b2b5732
Add option enabling that SELECT from the system database requires grant.
2022-07-15 15:44:25 +02:00
avogar
9291d33080
Pass const std::string_view & by value, not by reference
2022-07-14 16:11:57 +00:00
Vitaly Baranov
ae2f586170
Fix crash when granting ALL on cluster.
2022-07-01 12:19:56 +02:00
Vitaly Baranov
241b51c7d4
Add implicit grants with grant option too. ( #38017 )
2022-06-14 00:09:51 +02:00
Vitaly Baranov
d199478169
Merge pull request #37303 from ClickHouse/fix_trash
...
Try to fix some trash
2022-06-07 10:17:39 +02:00
Alexander Tokmakov
cce9057eef
fix style check
2022-06-02 15:27:32 +02:00
Alexander Tokmakov
3d346c766a
better code
2022-06-01 16:49:26 +02:00
Maksim Kita
d1a4550b4f
Fix create or drop of sql user defined functions in readonly mode
2022-05-31 17:23:41 +02:00
Alexander Tokmakov
4e52f45695
Merge branch 'master' into fix_trash
2022-05-28 19:43:19 +02:00
Alexander Tokmakov
779e6ea0b9
make it better, fix on cluster queries
2022-05-25 20:17:49 +02:00
Vitaly Baranov
58f4a86ec7
Rework notifications used in access management.
2022-05-21 10:15:39 +02:00
Vitaly Baranov
f34a5cdee2
Merge branch 'master' into ON_CLUSTER-grant
2022-05-17 13:21:20 +02:00
Azat Khuzhin
01e1c5345a
Add separate CLUSTER grant
...
In case you have different roles for the same user on multiple clusters,
ON CLUSTER query can help to overcome some limitations.
Consider the following example:
- cluster_with_data, dev_user (readonly=2)
- stage_cluster, dev_user (readonly=0)
So when you will execute the following query from stage_cluster, it will
be successfully executed, since ON CLUSTER queries has different system
profile:
DROP DATABASE default ON CLUSTER cluster_with_data
This is not 100% safe, but at least something.
Note, that right now only ON CLUSTER query it self is supported, but
separate clusters are not (i.e. GRANT CLUSTER some_cluster_name TO
default), since right now grants sticked to database+.
v2: on_cluster_queries_require_cluster_grant
v3: fix test and process flags as bit mask
Signed-off-by: Azat Khuzhin <a.khuzhin@semrush.com>
2022-05-16 13:57:45 +03:00
Robert Schulze
1b81bb49b4
Enable clang-tidy modernize-deprecated-headers & hicpp-deprecated-headers
...
Official docs:
Some headers from C library were deprecated in C++ and are no longer
welcome in C++ codebases. Some have no effect in C++. For more details
refer to the C++ 14 Standard [depr.c.headers] section. This check
replaces C standard library headers with their C++ alternatives and
removes redundant ones.
2022-05-09 08:23:33 +02:00
Amos Bird
4a5e4274f0
base should not depend on Common
2022-04-29 10:26:35 +08:00
Maksim Kita
47412c9619
Fixed unit tests
2022-02-10 19:31:02 +00:00